KillSec Ransomware Group's Attack on Paschim Banga Gramin Bank

KillSec ransomware group has attacked Paschim Banga Gramin Bank and leaked a sample of data, including branch information, PBGB Business Dashboard, Policies, schemes, seniority lists, and more. The gang demanded a ransom of €10,000, with a deadline of 11 April. Paschim Banga Gramin Bank is a premier regional rural bank in India. It is under the ownership of the Ministry of Finance, Government of India. It was established on 26 February 2007.

KillSec: A New Ransomware Group

KillSec is a new ransomware group that has carried out its first attacks. The gang describes itself as a "cyber security team" and has targeted many organizations. The group's brazenness is clear in their public announcements and communications. They went on Telegram on October 25, 2023, to advertise their ransomware operations, revealing their intent to disrupt and profit from their illegal activities. Subsequent attacks on high-profile organizations such as the Romanian Police and Paschim Bengal Gramin Bank underscore their audacity and ability.

Operational Sophistication

KillSec operates with a level of sophistication that is hard to believe, given that the group is in its infancy. Making use of a TOR domain and a nginx server ensures anonymity and efficiency in its operations. Moreover, it demands payment in XMR (Monero), a privacy-focused cryptocurrency, which adds another layer of complexity to the task of tracking and apprehending the malefactors.